Project

General

Profile

Actions

Bug #2876

closed

segfault with fastcgi app

Added by arekm almost 7 years ago. Updated almost 7 years ago.

Status:
Fixed
Priority:
Normal
Category:
core
Target version:
ASK QUESTIONS IN Forums:

Description

1.4.45 works fine
1.4.49 and some earlier version segfaults

Using lighttpd with fastcgi app

end of strace

[pid  5341] close(8)                    = 0
[pid  5341] write(6, "2018-03-15 19:45:15: (server.c.1423) server started (lighttpd/1.4.49 (PLD Linux)) \n", 83) = 83
[pid  5341] stat("/usr/sbin/rt-server.fcgi", {st_mode=S_IFREG|0755, st_size=5449, ...}) = 0
[pid  5341] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5335] <... read resumed> "", 1)   = 0
[pid  5341] +++ killed by SIGSEGV +++
close(6)                                = 0
write(2, "daemonized server failed to start; check error log for details\n", 63daemonized server failed to start; check error log for details
) = 63
exit_group(-1)                          = ?
+++ exited with 255 +++

Files

lighttpd-gdb.txt (5.41 KB) lighttpd-gdb.txt arekm, 2018-03-15 18:44
lighttpd-valgrind.txt (13.4 KB) lighttpd-valgrind.txt arekm, 2018-03-15 18:44
Actions #1

Updated by gstrauss almost 7 years ago

  • Category set to core
  • Target version changed from 1.4.x to 1.4.50

Thank you for the info. It's clear that the error is a NULL pointer dereference, since 'host' has not been set in the fastcgi.server definition. Would you please share the fastcgi.server config from your lighttpd config?

Actions #2

Updated by gstrauss almost 7 years ago

If 'host' is not specified, what behavior are you expecting? Listen on "localhost" 127.0.0.1? Listen on "::1" Listen on "0.0.0.0"? Listen on "::" ? other?

Actions #3

Updated by gstrauss almost 7 years ago

A quick look at commit 18363092 looks like localhost 127.0.0.1 was the default if 'host' was not provided.

Actions #4

Updated by gstrauss almost 7 years ago

  • Status changed from New to Patch Pending

Workaround is to set "host" => "localhost" in the fastcgi.server config (or "host" => "127.0.0.1")

Next release of lighttpd will have this:

--- a/src/gw_backend.c
+++ b/src/gw_backend.c
@@ -1399,8 +1399,12 @@ int gw_set_defaults_backend(server *srv, gw_plugin_data *p, data_unset *du, size
                     host->port = 80;
                 }

-                host->family = (!buffer_string_is_empty(host->host)
-                                && NULL != strchr(host->host->ptr, ':'))
+                if (buffer_string_is_empty(host->host)) {
+                    buffer_copy_string_len(host->host,
+                                           CONST_STR_LEN("127.0.0.1"));
+                }
+
+                host->family = (NULL != strchr(host->host->ptr, ':'))
                   ? AF_INET6
                   : AF_INET;
             }

Actions #5

Updated by arekm almost 7 years ago

Indeed, no host.

            fastcgi.server = (
                "/" => (
                    "rt" => (
                        "port"        => "9000",
                        "bin-path"    => "/usr/sbin/rt-server.fcgi",
                        "check-local" => "disable",
                        "disable-time" => 0,
                        "min-procs" => 2,
                        "max-procs" => 20,
                        "fix-root-scriptname" => "enable",
                    )
                )
            )
        }

Adding host like that:

            fastcgi.server = (
                "/" => (
                    "rt" => (
                        "host"        => "127.0.0.1",
                        "port"        => "9000",
                        "bin-path"    => "/usr/sbin/rt-server.fcgi",
                        "check-local" => "disable",
                        "disable-time" => 0,
                        "min-procs" => 2,
                        "max-procs" => 20,
                        "fix-root-scriptname" => "enable",
                    )
                )
            )
        }

doesn't seem to fix it, still segfaults. valgrind/gdb info in 1-2 days, can't play with it at this moment.

Actions #6

Updated by gstrauss almost 7 years ago

Taking the examples you gave, I can reproduce the crash.
If I add "host" => "127.0.0.1", the crash no longer occurs.
If I use the patch I provided above, the crash no longer occurs.

Please check that you have updated the config, are using that config, have restarted lighttpd, and are hitting that instance of lighttpd with your test request.

Actions #7

Updated by gstrauss almost 7 years ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100
Actions #8

Updated by arekm almost 7 years ago

Patch fixes it for me.

Had one more fastcgi section (without host) which caused segfault.

Actions

Also available in: Atom